PT-2005-3336 · Dynalink+2 · Dynalink Rta300W+2

Luca Carettoni

Publicado

2005-08-03

Atualizado

2017-07-11

CVE-2005-2424

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Siemens SANTIS 50 version 4.2.8.0

Description The issue allows remote attackers to access the Telnet port without authentication by sending certain packets to the web interface, causing it to freeze. This could potentially affect other products, including Ericsson HN294dp and Dynalink RTA300W.

Recommendations For Siemens SANTIS 50 version 4.2.8.0, consider restricting access to the Telnet port and the web interface until a fix is available. As a temporary workaround, avoid using the web interface to prevent it from freezing and potentially allowing unauthorized access.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2424

Produtos afetados

Dynalink Rta300W

Ericsson Hn294Dp

Siemens Santis 50

PT-2005-3336 · Dynalink+2 · Dynalink Rta300W+2

CVE-2005-2424

Identificadores relacionados

Produtos afetados

Referências · 7